Using ready-made templates to comply with DO-178C and DO-254
Guidance provided in industry standards DO-178C and DO-254 for civil aviation airborne software and hardware certification may be perceived as complex and difficult to implement in practice. This complexity results from the inherent flexibility of these standards, which allow for a wide range of architectures and development processes. Document templates give development teams that are new to the civil aviation domain useful help in making their projects succeed.
The complexity of airborne software and electronic hardware certification documentation
DO-178C and DO-254 are standards that propose guidance to meet the aviation regulations applicable to airborne systems and equipment. This guidance is aimed at reducing, as much as possible, the risk of design errors being introduced during the development of airborne software and airborne electronic hardware and not removed during verification activities.
However, these standards are notoriously difficult to apply, especially for newcomers to the civil aviation industry. Therefore, the idea of using templates to produce the documentation that is implied by the applicable objectives is attractive.
DO-178C and DO-254 are objective based and flexible
Rather than being overly prescriptive by defining methods and processes to be applied, these standards only specify objectives to be met by the applied processes. This allows very high flexibility in terms of product architecture, development strategies, methods and tools.
Objectives in both DO-178C and DO-254 specify the data to be produced by the various processes and give names to this data (e.g. Design Description, Software Verification Results, Conceptual Design Data, Problem Reports). It is tempting to consider that each of these data items is an actual document, for which a template can be developed. It is, however, permitted to merge this data in common documents, or to manage the requested data in a database rather than in documents.
Another key feature of DO-178C and DO-254 is the concept of transition criteria. Both standards specify the objective to have transition criteria defined between process steps. However, no specific constraint is put on the actual criteria that are defined. This allows the selection of very different life-cycle strategies, from the very rigid waterfall model to iterative strategies; concurrent engineering is also possible, and even some form of reverse engineering may be possible.
Tools also offer an opportunity to automate some activities, which may have a significant impact on the processes applied and on the form of the data produced. Consequently, the choice of using tools will have an important impact on the plans that are required by the standards.
Document templates to support certification
The above considerations explain why templates are difficult to develop. They should be flexible enough to take into account the specifics of the organisation using them and of its project. They also need to be simple enough to smooth out the inherent difficulties of applying DO-178C and DO-254.
More than twenty years of experience in auditing airborne hardware and software projects, and in consultancy for such projects, has allowed PMV-CS consultants to identify the most effective strategies for life-cycle organisation, the must-use methods and tools, and the most frequent pitfalls to be avoided. The resulting templates build on this background to offer enough flexibility to accommodate most projects while providing sufficient guidance for teams that are new to civil aviation critical equipment.
Author: Philippe Robert, System design Assurance & Certification Engineer, PMV Consulting & Services